e31a9765c27c8a150654616557197788dc7653c61f9b96d3aba315b3217b583c | Triage

Submit
Reports

Overview

overview

5

Static

static

5

RFQ 3100185 MAHAD.exe

windows7-x64

5

RFQ 3100185 MAHAD.exe

windows10-2004-x64

5

Sharing

General

Target

e31a9765c27c8a150654616557197788dc7653c61f9b96d3aba315b3217b583c
Size

760KB
Sample

241120-dgnysszdrq
MD5

0fcd478bfd8ba341a434421147f30953
SHA1

a529edcac9a4cd780dc46a3ad355b1a5b56c4ebb
SHA256

e31a9765c27c8a150654616557197788dc7653c61f9b96d3aba315b3217b583c
SHA512

993ecc399f5d4b99be437f462eb3f885118089e382ed5f0cb7a749d9bfdcef9a484613ddf5690f6376ed20e4c0de9f367e1a88df6c9233c54863e5d8fc45eac8
SSDEEP

12288:bDB+h4tSkQhX4fBT58PmyAmxHk/iEz70XwLDNB9yNR0SlDz7z3ft6lzLR6RZYRg1:bnXPfdu+A5KzN6OSlD7ftDRmRg8nTS3

Score

5^/10

discovery

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

RFQ 3100185 MAHAD.exe

Resource

win7-20241010-en

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

RFQ 3100185 MAHAD.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  RFQ 3100185 MAHAD.exe
- Size
  
  1.2MB
- MD5
  
  9d6670fbee5ffd65a666a3238db4f622
- SHA1
  
  ea392d5a0a4007170be83b4d17ebd6d346b39629
- SHA256
  
  4a918ba2805dd458e2b776cae6fd6dd1a2a8ef1c4d8cbd02c2feaa69c49d4367
- SHA512
  
  0f1c0e1da310d593d1425564a1d3333487968d5c46b9581d2474ba6521fb9f96afffcbcb836b673bd321748ecd16e8276846cdbc28a607e6e9a3c52e6254248c
- SSDEEP
  
  24576:ctb20pkaCqT5TBWgNQ7altQqhh3RtVR43Y8nFlhh6A:FVg5tQ7almCRtVJ8nFlb5
Score

5^/10

discovery
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy